Suricata 'Enable Packet Log'
-
Hi community
I've enabled 'Enable Packet Log' for my WAN interface where will Suricata save this file ? I found an empty 'packetcapture.cap' in /root but I think this is from the pfsense utility to capture packets
Secondly what's the quickest way to download the suricata pcap file once I find it onto my windows machine
-
Hi community
I've enabled 'Enable Packet Log' for my WAN interface where will Suricata save this file ? I found an empty 'packetcapture.cap' in /root but I think this is from the pfsense utility to capture packets
Secondly what's the quickest way to download the suricata pcap file once I find it onto my windows machine
All Suricata log files and packet captures will be stored in /var/log/suricata and sub-directories underneath there.
Bill
-
Thankyou !
Will be using it to teach myself some things